I paid tuition for my kids school today. (wish we were public: #nyc #school system is messed up;dont want to discuss why here.)
#blackbaud is the payment system. They finagled a way to charge us $70 in fees because they didn't notify me until after assessed date that they had a problem charging my CC.
seems predatory
That led me down the rabbit hole-bad guy enablers:
https://techcrunch.com/2022/06/02/social-good-cloud-provider-blackbaud-takes-millions-from-the-nra/
data breach helpers:
https://www.ftc.gov/news-events/news/press-releases/2024/05/ftc-finalizes-order-blackbaud-related-allegations-firms-security-failures-led-data-breach
Curious about threads here that give details on them
FTC orders Blackbaud to increase cybersecurity after data breach back in 2020. Blackbaud provides cloud-based donor data management software to non-profit organizations. They were hit by a ransomware attack that affected millions of people. According to FTC, Blackbaud had poor security practices and controls. This is just one case that shows the importance of cybersecurity and the consequences of not paying attention.
Blackbaud has settled with the Federal Trade Commission after being charged with poor security and reckless data retention practices, leading to a May 2020 ransomware attack and a data breach affecting millions of people.
Data and software services firm Blackbaud's cybersecurity was criticised as "lax" and "shoddy" by the United States Federal Trade Commission (FTC) in a damning post-mortem of the business’s February 2020 data breach.
Data and software services firm Blackbaud's cybersecurity was criticised as "lax" and "shoddy" by the United States Federal Trade Commission (FTC) in a damning post-mortem of the business’s February 2020 data breach.
FTC slams Blackbaud for "shoddy", "lax" cybersecurity.
Read more in my article on the Bitdefender blog: https://www.bitdefender.com/blog/hotforsecurity/ftc-slams-blackbaud-for-shoddy-security-after-hacker-stole-data-belonging-to-thousands-of-non-profits-and-millions-of-people/
Data and software services firm Blackbaud's cybersecurity was criticised as "lax" and "shoddy" by the United States Federal Trade Commission (FTC) in a damning post-mortem of the business’s February 2020 data breach.
The #FTC went after #Blackbaud for its poor security, #databreach in 2020, and incident response. A ton of provisions in the proposed order, but no monetary penalty.
Direct link to proposed order: https://www.ftc.gov/news-events/news/press-releases/2024/02/ftc-order-will-require-blackbaud-delete-unnecessary-data-boost-safeguards-settle-charges-its-lax
I like how they included that after paying $250k to the threat actors to get them to delete the data, "The company never verified, however, that the hacker actually deleted the stolen data, according to the complaint."
Multistate Coalition of State Attorneys General Secures $49.5 Million from Cloud Company #Blackbaud for 2020 Data Breach #ransomware
https://www.lexology.com/library/detail.aspx?g=c4422b96-c5ab-4f30-ad9d-e1b0f535ef4c
Follow GOLF
Jonathan Kamens 86 47
legraLeGra
RF Wave
dispatch
ITSEC News
Graham Cluley
Dissent Doe 
Brett Callow
Bmixed